Password history is a new trusted-system feature of the passwd
command, to discourage users from reusing previously used passwords.
The system administrator enables the system-wide password
history feature by creating (or opening, if it already exists) a
file called /etc/default/security
and appending an entry,
PASSWORD_HISTORY_DEPTH=number |
Depending on the value of number (decimal, between 1 and 10),
the system checks the user's new password against that
number of previously used passwords and prevent their usage. (For
example, if number=5, the system will not allow a user to use any
of the last five passwords he or she has previously used.)
Structurally, the password history feature is accomplished
by a shared library, called libpam_unix.1,
which is dynamically loaded at run time by the command. This structural
characteristic is totally transparent to users; the end-user interface
of the command is unchanged.
For further information, consult the passwd(1)
manpage.
Printable version
